Apple iPhone users waiting to update to iOS 18 could be putting their security at risk, according to a new warning from researchers.
Michael Covington, VP of strategy at Jamf, says that wariness around the iPhone maker’s AI features, Apple Intelligence, may be preventing some organizations from applying the latest operating system update, iOS 18.
It comes as security researchers at Jamf detailed a vulnerability in the Transparency, Consent, and Control (TCC) subsystem in iOS and macOS, tracked as CVE-2024-44131, which was patched when Apple issued its iOS 18 update.
If this TCC bypass vulnerability is successfully exploited by attackers, iPhone and Mac users could see their sensitive data accessed by another application — including any malicious applications on the device — the researchers warn.
This is because the flaw causes the TCC subsystem in iOS to fail to notify users when another application tries to access sensitive information such as photos, GPS location and contacts. The TCC bypass vulnerability affects FileProvider in both macOS and iOS, and could allow an app to access sensitive data without the user’s knowledge.
The iOS TCC bypass vulnerability allows a malicious application to copy extensive user data from iCloud. “Alarmingly, this exploitation occurs without leaving any trace of the data accessed, posing a threat to user privacy and overall data security,” the researchers said.
What’s A TCC Bypass Attack In iOS And macOS?
Just like macOS, iOS implements the TCC mechanism to notify users when an application tries to access sensitive information. Users are provided with an option to either “grant” or “deny” access to specific data on a per-application basis.
When a vulnerability in the TCC mechanism allows a third-party application to access this data without regard for the user-specified policy, it is known as a “TCC bypass,” Jamf researchers explained.
iPhone Security Concerns
According to the researchers, the discovery highlights a broader security concern as attackers “focus on data and intellectual property that can be accessed from multiple locations, allowing them to focus on compromising the weakest of the connected systems.”
Services like Apple’s iCloud, which allow data to sync across devices including iPhones and Macs, enable attackers to attempt exploits across “a variety of entry points” as they look to accelerate their access to valuable information, Jamf researchers warned.
Attacks Across iPhone and Mac
It is also a “powerful indicator” that adversaries are evolving and developing attacks that can be applied to both desktop and mobile platforms, Jamf researchers said. “It reinforces that mobile security must be taken just as seriously as desktop security, especially when sensitive data is synced across platforms.”
Worse still, exploitation of this vulnerability can happen “in the blink of an eye, entirely undetected by the end user,” Jamf researchers said.
Why You Should Update Your iPhone To iOS 18
Apple has responded by patching the flaw in iOS 18 and macOS 15. To protect yourself, the “most immediate and effective step” is to update to the latest operating system versions, Jamf researchers said.
Users who are reluctant to apply the iOS 18 update and patch the bug are effectively leaving the vulnerability — which is now public knowledge — exposed for an attacker to misuse, says Covington.
It is “nearly impossible” for individuals to monitor all of the bug fixes that are issued for each device they use, says Covington. “Applying critical patches as soon as they are published helps to thwart attackers looking to target victims through the latest vulnerabilities,” he says.
It’s always a good idea to update to the latest operating system — in this case iOS 18.1.1, with iOS 18.2 coming soon — if you care about your security. Another way to reduce the impact of this attack is to be careful about the apps you install on your iPhone, making sure you read the reviews and periodically delete any you don’t use.